Facing problems while signing PDF using py-hsm with Cavium

[tankhare]

Hello,

We are trying to evaluate the library with Cavium HSM. While working with Sign function, we found that the data/ PDF document hash we pass (by converting document hash to hex format) gets signed and if we use the verify function then it gets validated also. But when we attach the signed hash with the document, it says Signature Invalid. Will you be able to give some pointers in terms of usage of Sign function? and how it returns signed data?

Thanks, Tanmay

[bentonstark]

It sounds like you are signing the ASCII version of the hash (ASCII hex). You need to sign the binary hash value. So for say SHA-256 that would produce a 256-bit value or 32 byte (256/8) value. What you don't want to sign is a 64 byte hex encoded ASCII value.

[tankhare]

Hey Benton, thanks for reply. It got resolved. Basically the problem was more of a wrong encoding while attaching the signed data to the document. With a correct encoded data, I was able to test it correctly. Thanks.